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(54) System for performing financial transactions using a smart card 



(57) A financial information and transaction system 
comprising a host financial computer system, which 
host system maintains records of user account informa- 
tion; at least one terminal providing a user interface for 
accessing the host financial computer system, the at 
least one terminal including a means for transmitting 
and receiving data corresponding to the user account 
information, and a smart card interface device; wherein 
access to tiie records of user account information are 
organized in a hierarchy of three or more levels, which 
hierarchy comprises an initial level, a final level, and one 
or more intervening levels; wherein the records of user 
account information are accessed by passing through 
the hierarchy of three or more levels; and wherein 
means are provided for allowing access to the final level 
in the hierarchy by an automated task without passing 
through the one or more intervening levels is described. 
Further, a financial information and transaction system 
comprising a host financial computer system, said host 
system maintaining records of user account informa- 
tion; at least one terminal providing a user interface for 
accessing said host financial computer system, said at 
least one terminal including a means for conducting a 
transaction based on the user account information, a 
smart card interface device; and a smart card; wherein 
conducting said transaction based on said records of 
user account information is organized in a hierarchy of 
three or more levels, said hierarchy of three or more lev- 
els comprising an initial level, a final level, and one or 
more intervening levels; wherein said transaction is con- 
ducted by passing through said hierarchy of three or 
more levels; and wherein means are provided for allow- 
ing access to the final level in the hierarchy by an auto- 



mated task without passing through said one or more 
intervening levels is described. These transactions 
include a deposit of funds; a withdrawal of funds; an 
exchange of currency; a transfer of funds between said 
user's checking account and said user's savings 
account; a purchase of stock; and a sale of stock. 

Figure 1 
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Description 

BACKGROUND OF THE INVENTION 
Fiel(jQfthe Invention 

[0001] This invention generally relates to the field of 
smart cards for conducting financial transactions. More 
particularly, the present invention relates to a smart card 
that can acquire information regarding a customer's 
transactions and establish a system automated task for 
assisting in such financial transactions. 

Description of Related Art 

[0002] Credit cards. det>it cards, and automatic teller 
machine cards are widely used t>y consumers around 
the world to access, transfer and spend money. These 
cards make use of a magnetic strip disposed on the 
back of the card which is encoded with information 
about the cardholder and the account or accounts 
accessed by the card. Terminals, which may be auto- 
matic teller machines (ATMs) or merchant terminals at a 
place of business or point of sale, are used to read the 
coded information on the card and access the card- 
holder's account to complete a financial transaction. 
[0003] Besides the well known credit and debit cards, 
stored value cards are becoming increasingly popular. 
A stored value card is a card that is purchased or estab- 
lished for a specific monetary amount That monetary 
amount is stored as the value of the card. When the 
cardhokier desires to use the stored value card to pur- 
chase goods or services, the card is presented at the 
point of sale and the cost of the goods or services pur- 
chased is deducted from the value of the card. 
[0004] The cardholder may continue to use the stored 
value card in this manner until ail the value has been 
renK)ved from the card. The card may then be discardeid 
user of the care may provkJe a method for replenishing 
the value of the card. Such cards are commonly used 
today as a means for paying subway fare and making 
phone calls. 

[0005] Ttie de^/elopment of such convenient financial 
instruments has also produced "smart cards." Rather 
than employing information encoded on a magnetic 
strip, smart cards incorporate a microprocessor whrch is 
embedded in the card and can interact with the ATM or 
merchant terminal to provide information about the 
cardhokier or the cardholder's account, transaction 
authorization, or other information. Various smart card 
designs and applications are described in the following 
U.S. Patents which are incorporated herein by refer- 
ence: US. Patent Nos. 4.766,293 (Boston): 4.868.376 
(Lessin et al.); and 4.874,935 (Younger). 
[0006] Advanced smart cards, called very smart 
cards, may even include a battery, a keypad and an 
LCD display on the face of the card. However, due to the 
expense of such advanced cards, typical smart cards 



have no keypad or display and look like other plastic 
credit cards. 

[0007] Smart cards can be designed to operate as 
stored value cards, credit cards, debit cards, ATM cards, 

5 calling cards, etc. A smart card may also be designed to 
perform any combination of these various functions. 
However, the multiplicity of capabilities offered by smart 
cards couki result in customer frustration resulting from 
the vast array of choices available each time a smart 

10 card is placed In a smart card reader. For example, use 
of a smart card at a Citibank ATM machine might permit 
a customer to deposit money, to withdraw money, to 
exchange currency, to view a customer's balance, to 
transfer money between the customer's checking and 

IS savings accounts, to purchase and/or sell stocks, etc. A 
customer wishing to transact only a single type of trans- 
action might encounter a series of menus offering the 
various financial transaction options available to the 
customer. A transaction, initially perceived by the con- 

20 sumer to be seemingly a quick and efficient exchange, 
becomes a test of endurance between the customer 
and the machine as the customer windows down the 
choice available by selecting an option at each of sev- 
eral menus. 

25 [0008] Thus, there Is a need for a smart card that 
offers enhanced convenience when assisting a cus- 
tomer in executing a transaction. There Is also a need 
for a smart card that can acquire information regarding 
a consumer's transactions and establish a system auto- 

30 mated task for carrying out such financial transactions. 
Such a smart card has not been available in the prior 
art. 

SUMMARY OF THE INVENTION 

35 

[0009] Accordingly, it is an object of the present inven- 
tion to meet the above-stated needs and others. It is 
also an object of the present invention to provide a 
smart card which can aoqifl're information regarding a 

40 consumer's transactions and establish a system auto- 
mated task for carrying out such financial transactions. 
[0010] These objects, among others, have been 
obtained by means of a financial information and trans- 
action system comprising a host financial computer sys- 

45 tern, which host system maintains records of user 
account information; at least one terminal providing a 
user interface for accessing the host financial computer 
system, the at least one terminal Including a means for 
transmitting and receiving data corresponding to the 

50 user account informatk>n, arKi a smart card interface 
device; wherein access to the records of user account 
information are organized in a hierarchy of three or 
more levels, which hierarchy comprises an initial level, a 
final level, and one or more intervening levels; wherein 

55 the records of user account information are accessed 
by passing through the hierarchy of three or more levels; 
and wherein means are provided for allowing access to 
tiie final level in the hierarchy by an automated task 
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without passing through the one or more intervening 
levels. 

[0011] These objects, among others, have also been 
obtained by means of a financial information and trans- 
action system comprising a host financial computer sys- 
tem, said host system maintaining records of user 
account information; at least one terminal providing a 
user interface for accessing said host financial compu- 
ter system, said at least one terminal including a means 
for conducting a transaction based on the user account 
information, a smart card interface device: and a smart 
card; wherein conducting said transaction based on 
said records of user accourrt information is organized in 
a hierarchy of three or more levels, said hierarchy of 
three or more levels comprising an initial level, a final 
level, and one or more intervening levels; wherein said 
transaction is conducted by passing through said hierar- 
chy of three or more levels; and wherein means are pro- 
vided for allowing access to the final level in the 
hierarchy by an automated task without passing through 
said one or more intervening levels. 
[001 2] These transactions can include, but are not lim- 
ited to, a deposit of funds; a withdrawal of funds; an 
exchange of cunrency; a transfer of funds between said 
user's checking account and sakJ user's savings 
account; a purchase of stock; and a sale of stock. 
[001 3) It will be appreciated that the means for allow- 
ing access to the final level in the hierarchy by an auto- 
mated task can, in one preferred embodiment, be 
provided on the smart card; in another prefenred 
embodiment, can be provided in the smart card inter- 
face device; and. in still another prefenred embodiment, 
can be provided on the host financial computer system, 
[0014] Additional objects, advantages and novel fea- 
tures of the invention will be set forth in the description 
which follows or may be learned by those skilled in the 
art through reading these materials or practicing the 
invention. The objects and advantages of the invention 
may be achieved through the means recited in the 
attached claims. 

BRIEF DESCRIPTION OF THE DRAWINGS 

[0015] The accompanying drawings illustrate the 
present invention and are a part of the specification. 
Together with the following description, the drawings 
demonstrate and explain the principles of the present 
invention. In the drawings: 

Figure 1 is a block diagram of a financial informa- 
tion and transaction system in accordance with the 
invention; 

Figure 2 is a block diagram of a smart card accord- 
ing to the invention; and 

Figure 3 is a block diagram of a file structure of the 
smart card of Figure 2, 



DETAILED DESCRIPTION OF THE PREFERRED 
EMBODIMENTS 

[001 6] Rgure 1 is a block diagram illustrating a system 

5 for providing financial information and performing finan- 
cial transactions in accordance with the present inven- 
tion. In this embodiment, a financial institution is 
represented by block 10. As known in the art, the finan- 
cial institution, such as a consumer banking institution. 

10 utilizes an automated system, including a host compu- 
ter, for maintaining records of customer accounts. 
These records are used to keep track of funds in the 
customer accounts, to enter debits and credits made to 
such accounts, and for other purposes. 

IS [001 7] In order to provide various services to the cus- 
tomer, such as providing account information and 
account debiting and crediting at the customer's 
request, a communications front end 12 is used to 
exchange data corresponding to such information. The 

20 communication front end 1 2 provides access to the host 
computer operated by the financial institution 10 from a 
variety of communication systems. For example, as 
shown, the communications front end 12 may exchange 
data with a standard switch network 14, such as one 

25 operated by a regional telephone company. Thus, data 
transfer utilizing such a system generally takes place 
over the telephone line. In this way, data may be 
exchanged with a user suitably linked to the standard 
switch network 14 with a modem using any of a variety 

30 of communication protocols known in the art. Moreover, 
data may be exchanged in this way other financial insti- 
tutions and financial networks (not shown), for example, 
to provide data for settlement of various customer trans- 
actions. 

35 [0018] Alternately, the communication front end 12 
may be connected to a network service provider 16 or a 
private network 18. For example, one of several com- 
mercial services now available may link users through- 
out a geographic area. Further, the communications 

40 front end 12 may provide an interface between the 
financial institution 10 and a private network 18 com- 
prising, for example, one or more local area networks 
(LAN) or wide area networks (WAN). 
[0019] As illustrated. Figure 1 shows direct links 

45 between the communications front end 12 and the vari- 
ous types of communication systems 14. 16, and 18. 
However, it will be understood by those skilled in the art 
that various combinations of such systems, and others, 
are possible. For example, a private network 22 may be 

50 accessed with the communications front end 1 2 through 
a network service provider 16. Other networks 26, such 
as the so-called "internet." may be accessed with the 
standard switch networks 14. 
[0020] The present invention comprises a financial 

55 information and transaction system comprising a host 
financial computer system as illustrated in Figure 1, 
which host system maintains records of user account 
information; at least one terminal providing a user inter- 
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face for accessing the host financial computer system, 
the at least one terminal including a means for transmit- 
ting and receiving data corresponding to the user 
account information, and a smart card interface device; 
wherein access to the records of user account informa- 
tion are organized in a hierarchy of three or more levels, 
this hierarchy comprising an initial level, a final level, 
and one or more intervening levels; wherein said 
records of user account information are accessed by 
passing through the hierarchy of three or nnore levels; 
and wherein means are provided for allowing access to 
the final level in the hierarchy by means of an automated 
task without passing through one or more intervening 
levels. 

[0021] An aspect of the present invention is a smart 
card (e.g., a plastic credit or debit card with a microconv 
puter embedded in the card) which stores financial and 
account identification information in memory. In order to 
use such a card, the computer in an automatic teller 
machine (ATM) or in a merchant terminal at a point of 
sale must interface with the rracrocomputer in the smart 
card. 

[0022] Figure 2 illustrates a multi-purpose smart card 
200 which pemfiits both financial and non-f inandai f mc- 
tions in an integrated system such as that described in 
Figure 1. The smart card 200 comprises a central 
processing unit 202 (CPU) which is connected to a read 
only memory 204(ROM). primarily used for storage of 
an operating system. A random access memory 206 
(RAM) is also provided for volatile storage of data, par- 
ticularly for program execution. The CPU 202 is opera- 
lively coupled to a serial internee 208 which in turn 
communicates with a smart card reader 210 according 
to techniques well known in the art 
[0023] The CPU is connected to an arithmetic logic 
unit 212. fa example, one suitable for processing large 
keys (512 byte keys, 1024 current RSA). An electrically 
erasable programmable read only memory 214 (EEP- 
ROM) is provided, which typically stores system files 
and applications. 

[0024] As illustrated in Figure 3, the smart card 200 of 
Figure 2 has different file paths for different functions. 
The EEPROM has a master file 220 and dedicated files 
for different applications. These dedicated files include 
a tHometric identification file 222 and an encrypted dig- 
ital signature f De 224. Also included Is a building access 
file 226 that contains information which enables the 
card to be used in conjunction with a security system. 
The master file 220 also is linked to a banking card debit 
file 228 which may also have its own security path for 
identification. The smart card has a prepaid function 
path 230 which can only be loaded through a secure 
function, and a "non-secure** electronic purse function 
file 232. These f Ses are readable by an external terminal 
and may be decremented as required from an outside 
terminal. 

[0025] In this exanple. the master file 220 also has a 
digital encryption capability 234 providing algorithmic 



computation for the processing of digital keys and 
encryption of. for example, the user's PIN. The algo- 
rithms used may provide symmetrical or asymmetrical 
encryption as known in the art. 

5 [0026] While the smart card utilized in the invention 
embodies a "computer", it has a fairly limited memory. 
For example, the EEPROM may be limited to the range 
between 3 to 8 kilobytes with cun-ent technology limita- 
tions. Accordingly, the smart card in the system prefera- 

10 biy acts as an enabling device for other systents 
according to known techniques. For example, the smart 
card provides validation of the individual and the service 
requested, but does not store large quantities of data on 
the card. 

15 [0027] The smart card 200 of Figure 2 and 3 includes 
two storage areas for storing monetary values. The first 
is an "electronic purse" represented by file 232. This 
area is used, for example, when the user makes a high 
value purchase by placing the smart card in a mer- 

20 chant's terminal. The user accepts the transaction and 
amount of the purchase entered by the merchant by 
entering the user's PIN. The user then approves the 
amount, for example, by pushing an "enter" button on a 
terminal keypad, the card purse cash value is then deb- 

25 ited by the requested amount, and, conversely, the mer- 
chant's account is credited that amount. 
[0028] A second area for storing monetary values on 
the card comprises a "pre-paid account" represented by 
file 230. This account is generally utilized for lower value 

30 purchases, for example, fifty dollars or less. This 
account Is kept In an unsecured cash area of the smart 
card and operates essentially like cash. For example, 
the user of the smart card may make purchases from 
this account without entering the user's PIN. Possible 

35 uses would include, preferably, low value, fast transac- 
tions such as at a cafeteria, or a vending machine, or 
when placing a local telephone call. 
[0029] The smart cards referred herein interface with 
the system through the use of varfous smart card 

40 reader/processors. These processors vary in complex- 
ity and sophistication depending upon the application. 
For example, when used to regulate buikJing access, 
the smart card may be inserted into a smart card reader 
which simply identifies the user. This oould be used in 

45 fower security areas, such as parking garages. A 
numerical keypad, by which a user's PIN may be 
entered, can be required for added security, such as at 
buikfing door entrances. For even further security, some 
biometric parameter (such as a fingerprint) may be 

so used for kJentification. This same access code with or 
without a PIN can be used in a smart card reader 
attached to a stand-alone or network personal computer 
to control the level of access to local or remote files. 
comnrKinication networks, databases and network serv- 

55 foes. 

[0030] In the aforementioned embodiments, the smart 
card incorporates optional digital encryption signatures 
and enayption algorithms to enable the smart card to 
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be validated from a remote location, such as a host 
computer at a financial institution or at off/on line mer- 
chant terminals equipped with a SAM module for off-line 
card authentication. In such instances both ends of the 
communication (for example, the host computer and the 
smart card) may each have an encryption key so that 
data (such as a PIN entry) which is sent via the smart 
card and is validated at the host computer. Thus, the 
host computer is able to validate that the smart card is 
authentic and that the proper user is using the smart 
card so that a financial transaction can take place. 
[0031) In a wireless off-line situation, the smart card 
and the terminal being used similarly validate one 
another because there is a possibility that a false termi- 
nal is being used. Accordingly, even in an off line sys- 
tem, security measures are available to validate the 
card, the terminal, and the user. 
[0032] In this invention, it is assumed that: 

• The financial institution has been authorized to cre- 
ate an application structure in a smart card, and 

• The smart card'^ file structure is capable of being 
altered under a secure, special access control after 
the stoicture has been created. 

[0033] To achieve the stated and other objects of the 
present invention, as embodied and described below, 
the invention may comprise: 

• an automatic teller machine; and 

• a smart card with at least one programmable mod- 
ule; and 

» the automatic teller machine recognizes the smart 
card as a programmable smart card. 

[0034] Smart cards interfacing with automatic teller 
machines (ATMs) or other terminals permitting access 
to a financial institution can provide a customer with an 
array of financial information and allow the customer to 
perform a wide variety of financial transactions. For 
example, such access can include review of balances in 
different accounts, review of transaction journals for var- 
ious accounts, perfornrvng fund transfers between differ- 
ent accounts, among others. These accounts can 
include, among others, savings accounts, checking 
accounts, brokerage accounts, stock portfolios, and 
other investment portfolios. 

[0035] As conventionally organized on typical ATM or 
home baking systems, this array of services is supplied 
to the customers by means of an extensive and complex 
menu structure, often arranged in a hierarchy of menu 
screens. This hierarchical menu structure can require 
the customer to navigate through many layers of options 
to arrive at a menu screen which permits the customer 
to carry out his desired transaction. This can result in 



8 

significant frustration on the part of the customer. 
[0036] The present invention provides a system in 
which a customer is placed at a desired menu screen 
within this hierarchical menu structure without having to 

5 navigate through a large number of intervening menu 
screens. Thus, the system has constructed a naviga- 
tional short-cut path through the menu screens. The 
customer, after logging onto the system (which log on 
procedure presumably will utilize at least one entry 

10 and/or security screen), the customer can utilize this 
navigational short cut path to take him or her directly to 
a menu screen which the customer wishes. 
[0037] It will be appreciated that the present invention 
includes a system in which the customer can specify an 

15 option selected from a group of two or more screens to 
which the system will take the customer. In one embod- 
iment of the present invention, the customer will enter a 
code which directs the system to execute the automated 
task of taking the customer past one or more screens 

20 and to a desired and pre-set screen. In another embod- 
iment, the system displays a listing of the various navi- 
gational short-cuts, which the customer has previously 
chosen. 

[0038] For example, if the customer wishes want to 
25 pay bills, he or she can input "PAY* and this command 
will take the customer to the bill payment menu. In the 
absence of the present system, the customer might 
have to go through six menus to reach the bill payment 
menu. 

30 [0039] The present invention permits the customer to 
establish a personal navigation path that will convey the 
customer directly to one or more desired menu screens. 
The choice of the destination menu screen will reflect 
the transaction that the customer wishes to execute. It 

35 will be appreciated that the present invention can be 
employed in conjunction with ATM devices, home bank- 
ing terminals, and other terminals which permit the use 
of smart cards in connection with obtaining financial 
information or In executing financial transactions, 

40 among others. 

[0040] In a preferred embodiment, upon logging onto 
a system permitting access to a financial computer sys- 
tem, a customer will encounter a menu screen that asks 
the customer whether he/she wishes the system to are- 

45 ate a personal navigation path for the given transaction. 
If the customer responds affirmatively, then the system 
will track the path that the customer follows in carrying 
out the transaction. This tracked path is then temporarily 
saved as a system-automated task. At the conclusion of 

50 the transaction, the customer is queried by the system if 
the customer wishes to save the navigational path just 
traversed. If the customer responds affirmatively, the 
system will save the navigational path as a system auto- 
mated task. 

55 [0041 ] In those embodiments off the present invention 
in which the system permits a customer to save more 
than one navigational short cut, the system will query 
the customer to identify the saved system automated 
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task by means of a code. It will be appreciated that this 
code can by numeric, alphabetic, or alphanumeric. The 
number of characters in the code can be one or more 
characters, the choice of the number of characters 
defining a code being a function of the number of navi- 
gational shortcuts that the system permits a customer to 
have, as well as memory limitations of the system and 
the smart card. 

[0042] In an alternate embodiment of the present 
invention, the system will automatically track the path 
that the customer follows in carrying out a transaction. 
This tracked path is then temporarily saved as a sys- 
tem-automated task. At the conclusion of the transac- 
tion, the customer is queried by the system if the 
customer wishes to save the navigational path just tra- 
versed. If the customer responds affirmatively, the sys- 
tem will save the navigational path as a system 
automated task. In those embodiments of the present 
invention, in which the system permits a customer to 
save more than one navigational short cut, the system 
will query the customer to identify the saved system 
automated task by means of a code. 
[0043] In yet another embodiment of the present 
invention, the system will automatically track the path 
that the customer follows in carrying out a transaction. 
This tracked path is then temporarily saved as a sys- 
tem-automated task. After a certain threshold number 
of traversals of the navigational path, the system will 
save it a system automated task, which will be invoked 
each time the customer logs on. However, if the cus- 
tomer deviates from the navigational shortcut, the sys- 
tem will reset and begin again automatically tracking the 
path that the customer folkiws in carrying out a transac- 
tion. 

[0044] In one preferred embodiment of tiie present 
invention, the saved system automated task is saved in 
EE R ROM memory provided on the smart card, such 
that the data can be saved when the smart card is 
removed. In another embodiment, the system will save 
the system automated task on a file server connected to 
the financial computer system. 
[0045] It will be recognized that the system of the 
preserrt invention is analogous, for example, to systems 
which allow for programming of a series of keystrokes 
as a "macro" in a word-processing program. Further, 
systems whk;h monitor performance of a system and 
construct routines based on such past performance are 
recognized as expert systems. Examples of such sys- 
tems can be found in U.S. Patent No. 5,487,135 and 
U.S. Patent No. 5,555,354, which are incorporated 
herein by reference. 

[0046] Because the microcomputer is embedded in 
the smart card body, the card surface must include elec- 
trical contacts whk;h function as a communk^tions port 
to internee the microcomputer in tiie card witii a proc- 
essor in an ATM or a merchant terminal. The power, 
input, and display for a smart card microcomputer is 
thus provided by interfacing the card with an ATM or 



merchant terminal. 

[0047] A smart card terminal must be provkJed with a 
detection mechanism to determine when a smart card 
has been inserted and that the card is properly posi- 

5 tioned. To be properly positioned, tiie communications 
contacts on the card must be in contact with electrical 
contacts that communicate with tiie terminal processor. 
[0048] Once the smart card is property positioned, tfie 
terminal will provkfe power to the microcomputer on the 

10 card and send a reset (RST) signal to tiie card. The card 
uses tiie RST signal to reset itself or to initiate an inter- 
nal reset function. When the card is reset, it sends the 
terminal an answer-to-reset (ATR) signal. The ATR sig- 
nal informs the card terminal of basic information about 

15 tiie card so tiiat communications between the card and 
tiie terminal can be established accordingly. 
[0049] Global standards for the physical construction 
of smart cards have been established and widely 
accepted. The International Standards Organization 

20 (ISO) standard 7816-1 to -6 specifies tiie physical char- 
acteristics of smart cards such as the size, composition, 
placement of electrical contacts, the electrical interface, 
tiie method of data transmission for smart cards i.e. 
T=0. T=1 etc., the interface message format and identi- 

25 fication of applications stored in the card. 

[0050] While ISO standard 7816 has largely led to uni- 
formity in tfie physical construction and communication 
protocol of smart cards, tiie standard does not specify 
tiie operating system or the application programming to 

30 be used. The operating system a smart card uses is tiie 
software that tells the microcomputer on the smart card 
how to execute application programs. For example, the 
Disk Operating System (DOS) used by IBM-conpatible 
desktop computers or System 7s used by Apples Mac- 

35 intosh computers are operating systems. 

[0051] A smart card operating system (SCOS) is 
established by tiie manufactuer of tiie miaocomputer 
embedded in tiie smart card. To protect it from being 
erased or modified, the SCOS will likely be hard-wired 

40 or masked onto the semi-conductor chip of the card's 
microcomputer and/or partially stored in EEPROM. 
[0052] The International Standard Organization has 
delined two standard metiiods for structuring informa- 
tion ior transmission between a smart card and an ATM 

46 or merchant terminal. They are: the character mode 
protocol (T=0). and a block mode protocol (T=1). As 
part of the power up sequence, an Automatic Termina- 
tion Response (ATR) message is returned from tiie 
smart card to identify the transmission protocol it sup- 

50 ports. Both transmission protocols are widely accepted 
by either ATM's or merchant terminals, and some smart 
cards can function using eitiier the T=0 or T=1 proto- 
cols. Based on the ATR message, tiie terminal and 
smart card can ttien agree on a protocol and transact. 

55 [0053] A first principal characteristic of smart card pro- 
gramming is its security system. In financial applica- 
tions, security is a key concern in the use of smart 
cards. To inspire bank, merchant and cardhokter conf i- 
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dence in smart card technology, sniart cards must be 
provided with security features to prevent unauthorized 
use of a lost or stolen card. Smart card security features 
must also prevent someone from fraudulently adding 
value to a card and from counterfeiting a card that can 
access a cardholder's account. 
[0054] The integrated circuits (IC's) used in smart 
cards are physically designed for security. For example, 
the key electrical signal leads are placed below the top 
layer of the IC construction. This helps prevent a coun- 
terfeiter from probing the leads to determine the elec- 
tronic addresses at which particular data is stored. 
Without this information, a counterfeiter cannot suc- 
cessfully counterfeit or compromise a smart card. 
[0055] Another example of a security feature is partic- 
ularly applicable to stored value cards. When function- 
ing as stored value cards, smart cards can be 
programmed and re-programmed to contain a particular 
value as desired by the cardholder. This value is gradu- 
ally depleted as purchases are made. A merchant termi- 
nal at a point of sale may be able to simply deduct value 
from the smart card, or the card can be designed to 
require the cardholder to input a personal identification 
number (PIN) before value may be deducted from the 
card. 

[0056] This security feature protects the value of the 
card from unauthorized use if the card is lost or stolen. 
A smart card may have both freely-accessible value and 
PIN-protected value stored on it. An ATM can be pro- 
vided with options that allow the cardholder to set the 
value of the smart card as desired. 
[0057] A smart card can have the option of allowing 
the user to lock and unlock the electronic purse using a 
personal reader device equivalent in size to a small 
hand held calculator. 

[0058] To provide a higher level of security, a smart 
card system can make use of security algorithms. A 
security algorithm is a series of mathematical functions 
that can be perfomied on a number or alphanumeric 
string. With a security algorithm, an ATM or a merchant 
terminal will perform the steps of the algorithm on a ran- 
domly generated string. This is called encryption. 
[0059] The result is communicated by the ATM or mer- 
chant terminal to the smart card. The smart card tiien 
performs the steps of the algorithm in reverse order on 
the encrypted string provided by the ATM or merchant 
terminal. This Is called deayption. An encryption key is 
a specific number or string that Is used to govern the 
behavior of the encryption/decryption process. If the 
smart card has the correct algorithm and encryption 
key, it will generate the same string with which the ATM 
or merchant terminal started. 
[0060] Encryption and decryption, also called cipher- 
ing and deciphering, prevent someone from counterfeit- 
ing a smart card as long as the encryption keys are 
known only to the issuer of the smart card and the entity 
supporting the ATM and merchant terminal system. If 
the smart card's result is the same string with which tiie 



ATM or merchant terminal started, the smart card is 
authenticated and the desired transaction may proceed. 
[0061] Two types of enayption schemes now in use 
are an asymmetric encoding system and a symmetrical 

5 encoding system In a symmetrical encoding system, 
both encipher and decipher use an identical key. In 
order to maintain the security for the whole system, this 
key must be kept secret. Several symmetrical encoding 
system which have been adopted by the industry are 

10 entitled the Data Encryption Standard (DES) and the 
RC4/RC5 algorithm proposed by RSA. The DES algo- 
rithm has been used longer tiian any other algorithm 
and has been more widely accepted by the world-wide 
financial industry. Every card and each terminal used in 

15 the system must have the correct key established to 
reach the correct result and be authenticated when 
challenged. To be successful, a counterfeiter must 
determine the correct key. Aided with a limited number 
or retrials, the level of security is raised. 

20 [0062] An asymmetrical encoding system uses a pair 
of keys to cipher/decipher respectively. Knowledge of 
one key does not aid In the derivation of the otiier key. 
This encoding algoritiim allows the sender to publish 
one key (public key) and keep the other key (private) 

25 secret witiiout compromising the system^ security. 
Tlierefore, the asymmetrical encoding system is also 
called the public key cryptography (PKC) system. 
[0063] In an asymmetrical encoding system, both a 
public and private key are used witii the security atgo- 

30 rrthm. The private key is specific to each cardholder*^ 
account and will be known only by the ATM or merchant 
terminal and the cardholder's smart card. By keeping 
this key secret, the counterfeiter will have problems pen- 
etrating the system. 

35 [0064] In addition, different public and private keys 
can be established for when tiie smart card is being 
used as a credit card, a stored value card, a debit card, 
etc. Though effective, such security measures inaease 
the cost of tiie smart card in proportion to the level of 

40 security provided. 

[0065] Additionally, messages transmitting information 
or instructions between a smart card and a terminal 
may be encrypted by the sender and decrypted by the 
receiver to prevent a counterfeiter from tapping into the 

45 communication between an authentic card and an 
authorized terminal to make illk»t use of the interaction. 
[0066] Another principal characteristic of a smart card 
application program is the set of access conditions. A 
computerized system, such as smart cards and card 

50 terminals, must have a system which allows the card or 
tiie card terminal to read and write data in memory 
when doing so is appropriate. The application program- 
ming on tiie smart card or the application program being 
run by the terminal tells the components of the system 

55 when to read and write data and allows reading/writing 
under tiie established access conditions. 
[0067] Still another characteristic of a smart card 
application program is its data structure. The data struc- 
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ture is the set of rules an application program uses to 
determine where in the memory of the smart card par- 
ticular data or types of data will be stored. 
[0068] Obviously, numerous modifications and varia- 
tions of the present invention are possible in light of the 
above teachings. It is therefore to be understood that 
within the scope of the appended claims, the invention 
may be practiced othenA^ise than as specifically 
described herein. 

Claims 

1. A financial information and transaction system 
conrprlsing: 

a host financial computer system, said host 
system maintaining records of user account 
information; 

at least one terminal providing a user interface 
for accessing said host financial computer sys- 
tem, said at least one terminal including a 
means for transmitting and receiving data cor- 
responding to the user account information, 

a smart card interface device; 

and a smart card; 

wherein access to said records of user account 
information are organized in a hierarchy of 
three or more levels, said hierarchy of three or 
more levels comprising an initial level, a final 
level, and one or more intervening levels; 
wherein said records of user account informa- 
tion are accessed by passing through said hier- 
archy of three or more levels; and 
wherein means are provided for allowing 
access to the final level in the hierarchy by an 
automated task without passing through said 
one or more intervening levels. 

2- The system according to Claim 1. wherein said 
means for allowing access to the final level in the 
hierarchy by an automated task is provided on the 
smart card. 

3. The system according to Claim 1, wherein said 
means for allowing access to the final level in the 
hierarchy by an automated task is provided in the 
smart card interface device. 

4. The system according to Claim 1, wherein said 
means for allowing access to the final level in the 
hierarchy by an automated task is provided on the 
host financial computer system. 

5. The system according to Claim 1, wherein said 
records of user account information comprises 



checking account balance. 

6. The system according to Claim 1, wherein said 
records of user account infornriation comprises sav- 

5 ings account balance. 

7. A financial information and transaction system 
comprising: 

10 a host financial computer system, sakJ host 

system maintaining records of user account 
information; 

at least one terminal providing a user interface 
IS for accessing said host financial computer sys- 

tem, said at least one terminal including a 
means for conducting a transaction based on 
the user account information, 

20 a smart card interface device; 

and a smart card; 

wherein conducting said transaction based on 
said records of user account information is 
25 organized in a hierarchy of three or more levels, 

said hierarchy of three or more levels compris- 
ing an initial level, a final level, and one or more 
intervening levels; 

wherein said transaction is conducted by pass- 
so ing through said hierarchy of three or more lev- 
els; and 

wherein means are provided for allowing 
access to the final level in the hierarchy by an 
automated task without passing through said 
35 one or more intervening levels. 

8. The system according to Claim 7, wherein said 
means for allowing access to the final level in the 
hierarchy by an automated task is provided on the 

40 smart card. 

9. The system according to Claim 7, wherein said 
means for allowing access to the final level in the 
hierarchy by an automated task is provided In the 

45 smart card interface device. 

10. The system according to Claim 7. wherein said 
means for allowing access to the final level In the 
hierarchy by an automated task is provided on the 

50 host financial computer system. 

11. The system according to Claim 7. wherein said 
transaction comprises a deposit of funds. 

55 12. The system according to Claim 7, wherein said 
transaction comprises a withdrawal of funds. 

13. The system according to Claim 7, wherein said 
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transaction comprises an exchange o1 currency. 

14. The system accoitiing to Claim 7. wherein said 
transaction comprises a transfer of funds between 
said user's checking account and said user's sav- s 
ings account. 

15. The system according to Claim 7, wherein said 
transaction comprises a purchase of stock. 

10 

16. The system according to Claim 7, wherein said 
transaction comprises a sale of stock. 
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(54) System for performing financial transactions using a smart card 



(57) A financial Information and transaction system 
comprising a liost financial computer system, which 
host system maintains records of user account inf ornia- 

tion; at least one terminal providing a user interface for 
accessing the host financial computer system, the at 
least one terminal including a means for transmitting 
and receiving data corresponding to the user account 
infomnation, and a smart card Interface device; wherein 
access to the records of user account information are 
organized in a hierarchy of three or more levels, which 
hierarchy comprises an initial level, afinal level, and one 
or more intervening levels; wherein the records of user 
account information are accessed by passing through 
the hierarchy of three or more levels; and wherein 
means are provided for allowing access to the final level 
in the hierarchy by an automated tasic without passing 
through the one or more Intervening levels is described. 
Further, a financial Infomriation and transaction system 
comprising a host financial computer system, said host 
system maintaining records of user account infomriation; 
at least one terminal providing a user interface for ac- 
cessing said host financial computer system, said at 
least one terminal including a means for conducting a 
transaction based on the user account infomriation, a 
smart card interface device; and a smart card; wherein 
conducting said transaction based on said records of us- 
er account information is organized in a hierarchy of 
three or more levels, said hierarchy of three or more lev- 
els comprising an initial level, a final level, and one or 
more intervening levels; wherein said transaction is con- 
ducted by passing through said hierarchy of three or 



more levels; and wherein means are provided for allow- 
ing access to the final level in the hierarchy by an auto- 
mated task without passing through said one or more 

intervening levels Is described. These transactions in- 
clude a deposit of funds; a withdrawal of funds; an ex- 
change of currency; a transfer of funds between said 
user's checking account and said user's savings ac- 
count; a purchase of stock; and a sale of stock. 



Figure 1 



PRNATE 
NETWORK 



FINANCtAL 

D'lSTnvnoM 

MOSTi... 
OOMPUTBl 



CCMMUNI. 
CATIONS 
mOKT 
END 



NETWORK 
6QMC£ 
PROMDSt 



STANDARD 

awircHED 



PfWATE 
NETWORK 



COMHER- 








VVJRELES5 

















NETWORKS 





Printed by Jouve, 75001 PARIS (FH) 



EP 0 935 224 A3 



European Patent 
Office 



EUROPEAN SEARCH REPORT 



AppncftUon Number 

EP 98 20 4345 



DOCUMENTS CONSIDERED TO BE RELEVANT 



Category 



Citation of document wtth indication, where appropriate, 
of relevant passages 



Relevant 
todalm 



CLASStFtCATiON OP THE 
APPLfCATTON (IntaA) 



EP 0 717 381 A (MASTERCARD INTERNATIONAL 
INC) 19 June 1996 (1996-06-19) 

* the whole document * 

EP 0 621 527 A (HEWLETT PACKARD CO) 
26 October 1994 (1994-10-26) 

* the whole document * 

WO 96 28778 A (KNIGHTS TECHNOLOGY INC) 
19 September 1996 (1996-09-19) 

* the whole document * 

US 5 578 808 A (TAYLOR DOUGLAS C) 
26 November 1996 (1996-11-26) 

* the whole document * 

EP 0 446 081 A (GEMPLUS CARD INT) 
11 September 1991 (1991-09-11) 

* the whole document * 

US 5 689 668 A (SPALL ROGER ET AL) 
18 November 1997 (1997-11-18) 

* the whole document * 



1-16 



1-16 



1-16 



1-16 



1-16 



1-16 



Th9 present search report has been drawn up for alt claims 



G07F7/10 

G07F19/00 

G07F7/08 



TECHNICAL RELDS 



G06F 
G07F 



PlBDeelsMrch 

MUNICH 



Datt or oompMloiT of tf<« search 

18 March 2002 



Stenger, M 



CATEGORY OF CITED DOCUMENTS 

X : partfcularty relevant K taken alone 

Y : particuJarly reJevanl if oomb»ned wltn another 

documerrl of the same category 
A : techrioloQlcal background 
O : non-written dlsdosure 
P : bitfirmedlata document 



T : thaory cr principle ttfiderlyir^ the Invention 
b : eaiilef patent document, but published on, or 

after the filing dale 
D : document died in the apptication 
L : document died for other reasons 

& : iTtember of the same patent family, correspordirTg 
docuirant 



2 



EP 0 935 224 A3 



ANNEX TO THE EUROPEAN SEARCH REPORT 

ON EUROPEAN PATENT APPLICATION NO. EP 98 20 4345 



This annex lists the patent family members relating to the patent documents dted In the above-mentioned European search report. 
The members are as contained In the Euiopean Patent Office EDP file on 

The Bjropean Patent Office Is In no way Bable for these particulars which are merely given for the purpose of Information. 

18-03-2002 



Paterrt document 
dted in search report 



Publication 
date 



Patent family 
member(s) 



PublicaUon 
dale 



EP. 0717381 A 



EP 0621527 A 



WO 9628778 A 



US 5578808 A 



19-06-1996 



US 
AU 
AU 
CA 
EP 
WO 



26-10-1994 



EP 
JP 



19-09-1996 



IL 
WO 

US 



26-11-1996 US 
AU 
AU 
CA 
CN 
DE 
GB 



5705798 A 
692584 B2 
3205695 A 
2207970 Al 
0717381 Al 
9618979 Al 



06-01-1998 
11-06-1998 
03-07-1996 
20-06-1996 

19- 05-1996 

20- 06-1996 



0621527 Al 
6348481 A 



117457 A 
9628778 Al 
6088712 A 



26-10-1994 
22-12-1994 

22-09-1999 
19-09-1996 
11-07-2000 



5530232 A 
700543 B2 
4573596 A 
2170327 Al 
1138723 A 
19607363 Al 
2298505 A ,B 



25-06-1996 
07-01-1999 
05-09-1996 
29-08-1996 
25-12-1996 
19-09-1996 
04-09-1996 



EP 0446081 A 11-09-1991 



US 5689668 A 18-11-1997 



FR 


2657445 


Al 


26-07-1991 


DE 


69100005 


Dl 


19-11-1992 


DE 


69100005 


T2 


25-02-1993 


EP 


0446081 


Al 


11-09-1991 


ES 


2035758 


T3 


16-04-1993 


JP 


4213116 


A 


04-08-1992 


US 


5212369 


A 


18-05-1993 


CA 


2095452 


Al 


05-11-1994 


EP 


0623870 


A2 


09-11-1994 


JP 


3084666 


B2 


04-09-2000 


JP 


6332648 


A 


02-12-1994 


US 


5559945 


A 


24-09-1995 



a; For more details about this annex : see Official Journal of Ihe European Patent Office, hb. 12/82 



3 



THIS PAGE BLANK (Mspto) 



